Race condition in SSSD

#VU88857 Race condition in SSSD

Cybersecurity Help s.r.o.

Published: 2024-04-19

Vulnerability identifier: #VU88857

Vulnerability risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-3758

CWE-ID: CWE-362

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SSSD
Web applications / Remote management & hosting panels

Vendor: SSSD

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a race condition where the GPO policy is not consistently applied for authenticated users. A remote user can exploit the race and gain unauthorized access to the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SSSD: 2.0.0 - 2.9.4

External links
http://access.redhat.com/errata/RHSA-2024:1919
http://access.redhat.com/errata/RHSA-2024:1920
http://access.redhat.com/errata/RHSA-2024:1921
http://access.redhat.com/errata/RHSA-2024:1922
http://access.redhat.com/security/cve/CVE-2023-3758
http://bugzilla.redhat.com/show_bug.cgi?id=2223762
http://github.com/SSSD/sssd/pull/7302

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM QRadar SIEM

Amazon Linux AMI update for sssd

Multiple vulnerabilities in Red Hat Ceph Storage 5

Multiple vulnerabilities in Juniper Secure Analytics (JSA)

Multiple vulnerabilities in Dell Cloud Tiering Appliance

Ubuntu update for sssd

Red Hat Enterprise Linux 8 update for sssd

openEuler 22.03 LTS SP2 update for sssd

openEuler 20.03 LTS SP4 update for sssd

openEuler update for sssd